1. 16 10月, 2008 1 次提交
  2. 11 10月, 2007 1 次提交
    • E
      [NET]: Make socket creation namespace safe. · 1b8d7ae4
      Eric W. Biederman 提交于
      This patch passes in the namespace a new socket should be created in
      and has the socket code do the appropriate reference counting.  By
      virtue of this all socket create methods are touched.  In addition
      the socket create methods are modified so that they will fail if
      you attempt to create a socket in a non-default network namespace.
      
      Failing if we attempt to create a socket outside of the default
      network namespace ensures that as we incrementally make the network stack
      network namespace aware we will not export functionality that someone
      has not audited and made certain is network namespace safe.
      Allowing us to partially enable network namespaces before all of the
      exotic protocols are supported.
      
      Any protocol layers I have missed will fail to compile because I now
      pass an extra parameter into the socket creation code.
      
      [ Integrated AF_IUCV build fixes from Andrew Morton... -DaveM ]
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1b8d7ae4
  3. 31 7月, 2007 1 次提交
  4. 30 4月, 2007 1 次提交
  5. 26 4月, 2007 1 次提交
    • F
      [PPPOE]: memory leak when socket is release()d before PPPIOCGCHAN has been called on it · 202a03ac
      Florian Zumbiehl 提交于
      below you find a patch that fixes a memory leak when a PPPoE socket is
      release()d after it has been connect()ed, but before the PPPIOCGCHAN ioctl
      ever has been called on it.
      
      This is somewhat of a security problem, too, since PPPoE sockets can be
      created by any user, so any user can easily allocate all the machine's
      RAM to non-swappable address space and thus DoS the system.
      
      Is there any specific reason for PPPoE sockets being available to any
      unprivileged process, BTW? After all, you need a packet socket for the
      discovery stage anyway, so it's unlikely that any unprivileged process
      will ever need to create a PPPoE socket, no? Allocating all session IDs
      for a known AC is a kind of DoS, too, after all - with Juniper ERXes,
      this is really easy, actually, since they don't ever assign session ids
      above 8000 ...
      Signed-off-by: NFlorian Zumbiehl <florz@florz.de>
      Acked-by: NMichal Ostrowski <mostrows@earthlink.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      202a03ac
  6. 04 1月, 2006 1 次提交
  7. 17 4月, 2005 1 次提交
    • L
      Linux-2.6.12-rc2 · 1da177e4
      Linus Torvalds 提交于
      Initial git repository build. I'm not bothering with the full history,
      even though we have it. We can create a separate "historical" git
      archive of that later if we want to, and in the meantime it's about
      3.2GB when imported into git - space that would just make the early
      git days unnecessarily complicated, when we don't have a lot of good
      infrastructure for it.
      
      Let it rip!
      1da177e4